Windows SMBv1 Remote Command Execution

Added: 04/26/2017
CVE: CVE-2017-0143
BID: 96703

Background

Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network. SMBv1 was the first version of this protocol and is still supported by modern Windows versions.

Problem

A vulnerability in the handling of certain SMBv1 requests could allow a remote attacker to execute arbitrary commands.

Resolution

Apply the patch referenced in MS17-010, or disable SMBv1.

References

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Limitations

Exploit works on Windows 7 and Windows Server 2008 R2.

If the exploit succeeds against a 32-bit target, the target reboots when the command connection is closed.

Platforms

Windows 7
Windows Server 2008 R2

Back to exploit index